bjquanjiang
/
DigitalScholl
1
0
Fork 0
Koodi Ongelmat 0 Pull-pyynnöt 0 Julkaisut 0 Wiki Toiminta
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2509 Commitit
27 Branchit
925 MiB
 
 
 
 
 
 
Puu: d3b0737874
Branchit Tagit
${ item.name }
Create branch ${ searchTerm }
from 'd3b0737874'
${ noResults }
DigitalScholl/Learun.Framework.Ultimate V7/Learun.Application.WebApi/Modules/SSOApi.cs

432 rivejä
18 KiB
Raaka Blame Historia 

  1. using Learun.Application.AppMagager;

  2. using Learun.Util;

  3. using Nancy;

  4. using System.Collections.Generic;

  5. using System.Linq;

  6. using Learun.Application.Base.SystemModule;

  7. using Learun.Application.TwoDevelopment.LR_Desktop;

  8. using System.Text;

  9. using System.Data;

  10. using Learun.Application.OA;

  11. using System.Configuration;

  12. using Learun.Application.TwoDevelopment.Permission;

  13. using System;

  14. using Learun.Cache.Factory;

  15. using Learun.Cache.Base;

  16. using Learun.Util.Operat;

  17. 

  18. namespace Learun.Application.WebApi.Modules

  19. {

  20. 

  21.     public class SSOApi : BaseApi

  22.     {

  23.         private Perm_FunctionIBLL perm_FunctionIBLL = new Perm_FunctionBLL();

  24.         private Perm_FunctionTypeIBLL perm_FunctionTypeIBLL = new Perm_FunctionTypeBLL();

  25.         Perm_UserPermissionIBLL permUserPermissionIbll = new Perm_UserPermissionBLL();

  26.         private Perm_FunctionVisitIBLL functionVisitIbll = new Perm_FunctionVisitBLL();

  27.         private ICache cache = CacheFactory.CaChe();

  28. 

  29.         public SSOApi()

  30.             : base("/quanjiang/sso")

  31.         {

  32.             Get["/list"] = GetList;

  33.             Get["/list20"] = GetList20;

  34.             Get["/goto"] = GoTo;

  35.             Get["/goto20"] = GoToApplication;

  36.             Get["first"] = First;

  37.             Post["first"] = FirstPost;

  38.             Get["authorize"] = Authorize;

  39.             Get["/out"] = outApplication;

  40.             Get["/userstat"] = userstat;

  41.         }

  42. 

  43.         #region 统一身份认证3.0

  44.         /// <summary>

  45.         /// 退出

  46.         /// </summary>

  47.         /// <param name="_"></param>

  48.         /// <returns></returns>

  49.         public Response outApplication(dynamic _)

  50.         {

  51.             string appid = Request.Query["appid"];

  52.             string appkey = Request.Query["appkey"];

  53.             string m = Request.Query["m"];

  54.             string t = Request.Query["t"];

  55.             if (string.IsNullOrEmpty(appid))

  56.             {

  57.                 return Fail("参数:appid不能为空");

  58.             }

  59.             if (string.IsNullOrEmpty(appkey))

  60.             {

  61.                 return Fail("参数:appkey不能为空");

  62.             }

  63.             if (string.IsNullOrEmpty(m))

  64.             {

  65.                 return Fail("参数:m不能为空");

  66.             }

  67.             if (string.IsNullOrEmpty(t))

  68.             {

  69.                 return Fail("参数:t不能为空");

  70.             }

  71.             var application = perm_FunctionIBLL.GetPerm_FunctionEntity(appid);

  72.             if (application != null)

  73.             {

  74.                 if (Md5Helper.Encrypt(application.FSecret, 32) == appkey)

  75.                 {

  76.                     OperatorHelper.Instance.EmptyCurrent(DESEncrypt.Decrypt(t), DESEncrypt.Decrypt(m));

  77.                     return SuccessString("true");

  78.                 }

  79.                 else

  80.                 {

  81.                     return Fail("appkey错误");

  82.                 }

  83.             }

  84.             else

  85.                 return Fail("未授权的appid");

  86.         }

  87.         /// <summary>

  88.         /// 获取用户登录状态

  89.         /// </summary>

  90.         /// <param name="_"></param>

  91.         /// <returns></returns>

  92.         public Response userstat(dynamic _)

  93.         {

  94.             string appid = Request.Query["appid"];

  95.             string appkey = Request.Query["appkey"];

  96.             string m = Request.Query["m"];

  97.             string t = Request.Query["t"];

  98.             if (string.IsNullOrEmpty(appid))

  99.             {

  100.                 return Fail("参数:appid不能为空");

  101.             }

  102.             if (string.IsNullOrEmpty(appkey))

  103.             {

  104.                 return Fail("参数:appkey不能为空");

  105.             }

  106.             if (string.IsNullOrEmpty(m))

  107.             {

  108.                 return Fail("参数:m不能为空");

  109.             }

  110.             if (string.IsNullOrEmpty(t))

  111.             {

  112.                 return Fail("参数:t不能为空");

  113.             }

  114.             var application = perm_FunctionIBLL.GetPerm_FunctionEntity(appid);

  115.             if (application != null)

  116.             {

  117.                 if (Md5Helper.Encrypt(application.FSecret, 32) == appkey)

  118.                 {

  119.                     OperatorResult res = OperatorHelper.Instance.IsOnLine(DESEncrypt.Decrypt(t), DESEncrypt.Decrypt(m));

  120.                     if (res.stateCode == 1)

  121.                     {

  122.                         return SuccessString("true");

  123.                     }

  124.                     else

  125.                     {

  126.                         return Fail("登录无效");

  127.                     }

  128.                 }

  129.                 else

  130.                 {

  131.                     return Fail("appkey错误");

  132.                 }

  133.             }

  134.             else

  135.                 return Fail("未授权的appid");

  136.         }

  137. 

  138.         #endregion

  139. 

  140.         /// <summary>

  141.         /// 统一身份认证2.0

  142.         /// </summary>

  143.         /// <param name="_"></param>

  144.         /// <returns></returns>

  145.         public Response Authorize(dynamic _)

  146.         {

  147.             string appid = Request.Query["appid"];

  148.             string secret = Request.Query["secret"];

  149.             string appkey = Request.Query["appkey"];

  150.             if (string.IsNullOrEmpty(appid))

  151.             {

  152.                 return Fail("参数:appid不能为空");

  153.             }

  154.             if (string.IsNullOrEmpty(secret))

  155.             {

  156.                 return Fail("参数:secret不能为空");

  157.             }

  158.             if (string.IsNullOrEmpty(appkey))

  159.             {

  160.                 return Fail("参数:appkey不能为空");

  161.             }

  162.             var application = perm_FunctionIBLL.GetPerm_FunctionEntity(appid);

  163.             if (application != null)

  164.             {

  165.                 if (Util.DESEncrypt.Decrypt(application.FSecret,

  166.                     ConfigurationManager.AppSettings["SSOPublicSecret"]).Equals(secret))

  167.                 {

  168.                     try

  169.                     {

  170.                         var code = DESEncrypt.Decrypt(appkey, "bjqjsso");

  171. 

  172.                         if (!string.IsNullOrEmpty(cache.Read<string>(code)))

  173.                         {

  174.                             return Success(new { useraccount = cache.Read<string>(code) });

  175.                         }

  176.                         else

  177.                         {

  178.                             return Fail("appkey已过期");

  179.                         }

  180.                     }

  181.                     catch (Exception e)

  182.                     {

  183.                         return Fail("appkey错误");

  184.                     }

  185.                 }

  186.                 else

  187.                 {

  188.                     return Fail("secret错误");

  189.                 }

  190.             }

  191.             else

  192.                 return Fail("未授权的appid");

  193.         }

  194. 

  195.         private Response FirstPost(dynamic _)

  196.         {

  197.             string publickey = ConfigurationManager.AppSettings["SSOPublicSecret"];

  198.             var ssoparam = this.GetReqData<SSOParam>();

  199.             if (!string.IsNullOrEmpty(ssoparam.UPId))

  200.             {

  201.                 Perm_FunctionEntity up = new Perm_FunctionEntity();

  202.                 up.UPUserName = ssoparam.UPUserName;

  203.                 up.UPPass = ssoparam.UPPass;

  204.                 up.FId = ssoparam.FId;

  205.                 up.UserId = ssoparam.UserId;

  206.                 perm_FunctionIBLL.SaveEntityByUPId(ssoparam.UPId, up);

  207.                 return Success(new { FInterfaceUrl = "/SSO/GoTo?sysid=" + DESEncrypt.Encrypt(up.FId, publickey) + "&openid=" + DESEncrypt.Encrypt(up.UserId, publickey) });

  208.             }

  209.             else

  210.             {

  211.                 return Fail("参数错误");

  212.             }

  213.         }

  214. 

  215.         private Response First(dynamic _)

  216.         {

  217.             string publickey = ConfigurationManager.AppSettings["SSOPublicSecret"];

  218.             var ssoparam = this.GetReqData<SSOParam>();

  219.             string sysid = ssoparam.sysid;

  220.             string strsysid = DESEncrypt.Decrypt(sysid, publickey);

  221.             string openid = ssoparam.openid;

  222.             string userid = DESEncrypt.Decrypt(openid, publickey);

  223.             var uplist = permUserPermissionIbll.GetPerm_UserPermissionEntityByFIdAndUid(strsysid, userid);

  224.             if (uplist == null)

  225.             {

  226.                 return Fail("用户未授权。");

  227.             }

  228.             var perfun = perm_FunctionIBLL.GetPerm_FunctionEntityByUPId(uplist.UPId);

  229.             return Success(perfun);

  230.         }

  231. 

  232.         public class SSOParam

  233.         {

  234.             public string sysid { get; set; }

  235.             public string openid { get; set; }

  236.             public string UPId { get; set; }

  237.             public string FId { get; set; }

  238.             public string UserId { get; set; }

  239.             public string UPUserName { get; set; }

  240.             public string UPPass { get; set; }

  241.             public string appid { get; set; }

  242.         }

  243. 

  244.         public Response GoToApplication(dynamic _)

  245.         {

  246.             var userinfo = userInfo;

  247.             var ssoparam = this.GetReqData<SSOParam>();

  248.             if (userinfo != null)

  249.             {

  250.                 var type = 0;//1学生 0教师

  251.                 if (userinfo.Description == "学生")

  252.                 {

  253.                     type = 1;

  254.                 }

  255.                 var perm_application = perm_FunctionIBLL.GetPerm_FunctionEntity(ssoparam.appid);

  256.                 if (perm_application != null)

  257.                 {

  258.                     //写入当前请求所登录的用户

  259.                     var code = Util.CommonHelper.RndNum(9);

  260.                     cache.Write(code, userinfo.account, TimeSpan.FromMinutes(10));

  261.                     var url = perm_application.FUrl;

  262.                     if (url.Contains("?"))

  263.                     {

  264.                         url += "&appkey=" + Md5Helper.Encrypt(Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), 32) + "&name=" + DESEncrypt.Encrypt(userinfo.realName, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false) + "&no=" + DESEncrypt.Encrypt(userinfo.IdentityCardNo, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false) + "&acc=" + DESEncrypt.Encrypt(userinfo.enCode, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false) + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(userinfo.token);

  265.                     }

  266.                     else

  267.                     {

  268.                         url += "?appkey=" + Md5Helper.Encrypt(Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), 32) + "&name=" + DESEncrypt.Encrypt(userinfo.realName, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false) + "&no=" + DESEncrypt.Encrypt(userinfo.IdentityCardNo, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false) + "&acc=" + DESEncrypt.Encrypt(userinfo.enCode, Util.DESEncrypt.Decrypt(perm_application.FSecret, ConfigurationManager.AppSettings["SSOPublicSecret"]), false) + "&type=" + type + "&m=" + DESEncrypt.Encrypt(userinfo.loginMark) + "&t=" + DESEncrypt.Encrypt(userinfo.token);

  269.                     }

  270.                     return Success(new { FInterfaceUrl = url });

  271.                 }

  272.                 else

  273.                     return Fail("appid解析失败,请确认。");

  274.             }

  275.             else

  276.             {

  277.                 return Fail("用户信息解析失败,请确认。");

  278.             }

  279.         }

  280. 

  281.         public Response GoTo(dynamic _)

  282.         {

  283.             try

  284.             {

  285.                 var ssoparam = this.GetReqData<SSOParam>();

  286.                 string publickey = ConfigurationManager.AppSettings["SSOPublicSecret"];

  287.                 string sysid = ssoparam.sysid;

  288.                 string strsysid = DESEncrypt.Decrypt(sysid, publickey);

  289.                 string openid = ssoparam.openid;

  290.                 string userid = DESEncrypt.Decrypt(openid, publickey);

  291.                 var uplist = permUserPermissionIbll.GetPerm_UserPermissionEntityByFIdAndUid(strsysid, userid);

  292.                 Perm_FunctionVisitEntity functionVisitEntity = new Perm_FunctionVisitEntity();

  293.                 functionVisitEntity.Create();

  294.                 functionVisitEntity.Fid = strsysid;

  295.                 functionVisitEntity.PDate = DateTime.Now;

  296.                 functionVisitEntity.PUId = userid;

  297.                 var userinfo = userInfo;

  298.                 functionVisitEntity.PUName = userinfo.realName;

  299.                 if (uplist == null)

  300.                 {

  301.                     functionVisitEntity.PIsLoginSuccess = false;

  302.                     functionVisitEntity.PContent = "用户未授权";

  303.                     functionVisitIbll.SaveEntity(null, functionVisitEntity);

  304.                     return Fail("用户未授权。");

  305.                 }

  306. 

  307.                 var perfun = perm_FunctionIBLL.GetPerm_FunctionEntityByUPId(uplist.UPId);

  308.                 string secretkey = DESEncrypt.Decrypt(perfun.FSecret, publickey);

  309.                 if (perfun.FIsManagePage == true)

  310.                 {

  311.                     if (!string.IsNullOrEmpty(perfun.FInterfaceUrl))

  312.                     {

  313.                         if (!string.IsNullOrEmpty(perfun.UPUserName) && !string.IsNullOrEmpty(perfun.UPPass))

  314.                         {

  315.                             functionVisitEntity.PIsLoginSuccess = true;

  316.                             functionVisitEntity.PContent = "成功转到统一认证网站:" + perfun.FUrl;

  317.                             functionVisitIbll.SaveEntity(null, functionVisitEntity);

  318.                             var user = LoginUserInfo.Get();

  319.                             return Success(new

  320.                             {

  321.                                 FInterfaceUrl = perfun.FInterfaceUrl + "?u=" +

  322.                                             DESEncrypt.Encrypt(DESEncrypt.Encrypt(perfun.UPUserName, secretkey),

  323.                                                 publickey) + "&p=" +

  324.                                             DESEncrypt.Encrypt(DESEncrypt.Encrypt(perfun.UPPass, secretkey),

  325.                                                 publickey) + "&t=" +

  326.                                             DESEncrypt.Encrypt(

  327.                                                 DESEncrypt.Encrypt(DateTime.Now.ToString("yyyyMMddHHmmss"), secretkey),

  328.                                                 publickey) + "&ip=" +

  329.                                             DESEncrypt.Encrypt(DESEncrypt.Encrypt(GetIP(), secretkey), publickey)

  330.                                              + "&m=" + DESEncrypt.Encrypt(user.loginMark) + "&t=" + DESEncrypt.Encrypt(user.token)

  331.                             });

  332.                         }

  333.                         else

  334.                         {

  335.                             functionVisitEntity.PIsLoginSuccess = false;

  336.                             functionVisitEntity.PContent = "用户未配置转到用户名密码配置页面";

  337.                             functionVisitIbll.SaveEntity(null, functionVisitEntity);

  338.                             //用户未配置转到用户名密码配置页面

  339.                             return Success(new { FInterfaceUrl = "/SSO/FirstLogin?sysid=" + sysid + "&openid=" + openid });

  340.                         }

  341.                     }

  342.                     else

  343.                     {

  344.                         functionVisitEntity.PIsLoginSuccess = false;

  345.                         functionVisitEntity.PContent = "未配置登录接口地址";

  346.                         functionVisitIbll.SaveEntity(null, functionVisitEntity);

  347.                         return Fail("未配置登录接口地址。");

  348.                     }

  349.                 }

  350.                 else

  351.                 {

  352.                     if (!string.IsNullOrEmpty(perfun.FUrl))

  353.                     {

  354.                         functionVisitEntity.PIsLoginSuccess = true;

  355.                         functionVisitEntity.PContent = "成功转到统一认证网站:" + perfun.FUrl;

  356.                         functionVisitIbll.SaveEntity(null, functionVisitEntity);

  357.                         return Success(new { FInterfaceUrl = perfun.FUrl });

  358.                     }

  359.                     else

  360.                     {

  361.                         functionVisitEntity.PIsLoginSuccess = false;

  362.                         functionVisitEntity.PContent = "未配置地址";

  363.                         functionVisitIbll.SaveEntity(null, functionVisitEntity);

  364.                         return Fail("未配置地址。");

  365.                     }

  366.                 }

  367.             }

  368.             catch (Exception e)

  369.             {

  370.                 return Fail("参数错误。");

  371.             }

  372.         }

  373. 

  374.         public Response GetList20(dynamic _)

  375.         {

  376.             var userinfo = userInfo;

  377.             var functionlist = perm_FunctionIBLL.GetListByUserId(userinfo.userId).Where(m => m.FIsH5 == true).Select(m =>

  378.                 new

  379.                 {

  380.                     m.FName,

  381.                     m.FId,

  382.                 });

  383.             return Success(functionlist);

  384.         }

  385. 

  386. 

  387.         /// <summary> 

  388.         /// 获取页面显示列表数据 

  389.         /// <summary> 

  390.         /// <param name="_"></param> 

  391.         /// <returns></returns> 

  392.         public Response GetList(dynamic _)

  393.         {

  394.             string publickey = ConfigurationManager.AppSettings["SSOPublicSecret"];

  395.             var logininfo = userInfo;

  396.             var datatype = perm_FunctionTypeIBLL.GetListByUserId(userInfo.userId);

  397.             foreach (var typeEntity in datatype)

  398.             {

  399.                 var datafunction = perm_FunctionIBLL.GetListByFTId(typeEntity.FTId, userInfo.userId).Where(m => m.FIsH5 == true);

  400.                 foreach (var item in datafunction)

  401.                 {

  402.                     if (item.FIsManagePage == true)

  403.                     {

  404.                         item.FInterfaceUrl = "/SSO/GoTo?sysid=" + DESEncrypt.Encrypt(item.FId, publickey) + "&openid=" + DESEncrypt.Encrypt(logininfo.userId, publickey);

  405.                     }

  406.                     else

  407.                     {

  408.                         item.FInterfaceUrl = item.FUrl;

  409.                     }

  410.                     item.FUrl = null;

  411.                 }

  412.                 typeEntity.PermFunction = datafunction.ToList();

  413.             }

  414.             return Success(datatype);

  415.         }

  416.         /// <summary>

  417.         /// 获取IP

  418.         /// </summary>

  419.         /// <returns></returns>

  420.         private string GetIP()

  421.         {

  422.             string ip = string.Empty;

  423.             if (!string.IsNullOrEmpty(System.Web.HttpContext.Current.Request.ServerVariables["HTTP_VIA"]))

  424.                 ip = Convert.ToString(System.Web.HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"]);

  425.             if (string.IsNullOrEmpty(ip))

  426.                 ip = Convert.ToString(System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"]);

  427.             return ip;

  428.         }

  429.     }

  430. 

  431. 

  432. }